1 // tofuproxy -- flexible HTTP/HTTPS proxy, TLS terminator, X.509 TOFU
2 // manager, WARC/geminispace browser
3 // Copyright (C) 2021-2024 Sergey Matveev <stargrave@stargrave.org>
5 // This program is free software: you can redistribute it and/or modify
6 // it under the terms of the GNU General Public License as published by
7 // the Free Software Foundation, version 3 of the License.
9 // This program is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with this program. If not, see <http://www.gnu.org/licenses/>.
24 "go.cypherpunks.ru/ucspi"
25 ttls "go.stargrave.org/tofuproxy/tls"
29 dnsSrv := flag.String("dns", "[::1]:53", "DNS server")
30 crtPath := flag.String("cert", "cert.pem", "Path to X.509 certificate")
31 addr := flag.String("addr", "", "Domain name")
33 log.SetFlags(log.Lshortfile)
34 _, cert, err := ucspi.CertificateFromFile(*crtPath)
39 exists, valid := ttls.DANE(*addr, cert)
40 fmt.Println("Exists:", exists)
41 fmt.Println("Valid:", valid)